Solved

Firewalling through Linuxconf

Posted on 2000-02-15
5
255 Views
Last Modified: 2010-04-20
I was just playing with Linuxconf, and I noticed that it is possible to set up IP routing rules through it, instead of manually putting "ipchains" statements in rc.local. Now I just need to find out where does Linuxconf put this information?
0
Comment
Question by:tibori
  • 2
  • 2
5 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 2525000
IP routing rules just specify how to get someplace. They don't provide any actual network security, for that you need ipchains and all that goes with it.
0
 
LVL 3

Author Comment

by:tibori
ID: 2525046
jlevie: It is called "firewalling" and there are some of the same options as with ipchains such as masquerading, blocking packets, forwarding packets etc. Have you tried doing this before? The reason I ask is to me it seems that its just a GUI for the ipchains commands. Even if I'm wrong, all I wanted to know is which files does the "firewalling" setup under Linuxconf modify?
Thanks
0
 
LVL 40

Accepted Solution

by:
jlevie earned 0 total points
ID: 2525460
My mistake, your question asked about the about the IP routing rules, which is completely different beast from Firewalling. I've run into more than one mis-guided person who thought that playing with routing was a substitue for a firewall.

Yes it's just a GUI interface that does the same thing that that ipchains does. It modifies the contents of /proc/net/ip_fwchains and /proc/net/ip_masquerade. I'ts not clear to me how much of an advantage it is over a config file. You still have to come up with the rules and you can't see all of the rules at once the way you can if they are in a file.
0
 

Expert Comment

by:castleinfo
ID: 2526027
You probably know this already but :
Most people create an rc.firewall file with all of the routing and IPCHAINS cmnds then change rc.local so that it runs the rc.firewall script.

Don't know anything about linuxconf though...
0
 
LVL 3

Author Comment

by:tibori
ID: 2528101
jlevie: Thanks, but I think you're right. It just makes things more confusing. I think I will go back to the ipchains commands.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question